Name: | squid |
---|---|
Epoch: | 7 |
Version: | 3.5.20 |
Release: | 17.el7_9.4 |
Architecture: | x86_64 |
Group: | System Environment/Daemons |
Size: | 10938438 |
License: | GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain) |
RPM: | squid-3.5.20-17.el7_9.4.x86_64.rpm |
Source RPM: | squid-3.5.20-17.el7_9.4.src.rpm |
Build Date: | Sat Oct 03 2020 |
Build Host: | jenkins-172-17-0-2-12b27883-eefe-46f1-997c-d21ca9f6b896.appad3iad.osdevelopmeniad.oraclevcn.com |
Vendor: | Oracle America |
URL: | http://www.squid-cache.org |
Summary: | The Squid proxy caching server |
Description: | Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. |
- Resolves: #1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: #1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: #1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning
- Resolves: #1802516 - CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing - Resolves: #1802515 - CVE-2020-8450 squid: Buffer overflow in a Squid acting as reverse-proxy - Resolves: #1853129 - CVE-2020-15049 squid: request smuggling and poisoning attack against the HTTP cache - Resolves: #1802517 - CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway
- Resolves: #1828361 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: #1828362 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow [rhel
- Resolves: #1738582 - CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption
- Resolves: #1690551 - Squid cache_peer DNS lookup failed when not all lower case - Resolves: #1680022 - squid can't display download/upload packet size for HTTPS sites - Resolves: #1717430 - Excessive memory usage when running out of descriptors - Resolves: #1676420 - Cache siblings return wrongly cached gateway timeouts - Resolves: #1729435 - CVE-2019-13345 squid: XSS via user_name or auth parameter in cachemgr.cgi - Resolves: #1582301 - CVE-2018-1000024 CVE-2018-1000027 squid: various flaws
- Resolves: #1620546 - migration of upstream squid
- Resolves: #1471140 - Missing detailed configuration file
- Resolves: #1452200 - Include kerberos_ldap_group helper in squid
- Resolves: #1445219 - [RFE] Add rock cache directive to squid
- Resolves: #1290404 - wrong names of components in man page, section SEE ALSO